Access control (IT)

Access control (IT)

Digital access controls ensures only those people who are directly involved with sensitive data or patient care, and have a legitimate reason to access such information can do so.


Biometrics e.g. fingerprint technology.

Multi-factor or two-factor authentication (MFA/2FA) – involves demonstration of: knowledge (something you know), possession (something you have), and inherence (something you are). Such methods provide additional protection compared with a username/password system.

Passwords – standard authentication method. The National Cyber Security Centre (NCSC) now recommend organisations do not force regular password expiry. NCSC explain this reduces the those vulnerabilities associated with regularly expiring passwords (described within their password guidance) while doing little to increase the risk of long-term password exploitation.

Role-based access control (RBAC) – Roles control what a pharmacy team member can do and what they can see.

Smartcards – Provide security measures to protect patient data.


Latest Contract & IT news

View more Contract & IT news >

Name change for Appeals Unit

From 2nd July 2018, the Family Health Services Appeal Unit (or FHSAU) has been renamed as the Primary Care Appeals...